tashatuvango - stock.adobe.com

TikTok ban sails through US Senate

A law that will ban TikTok in the US unless its owner sells up pronto passed the US Senate by a landslide majority after being included in a package of military aid

A bill giving TikTok’s China-based owner ByteDance until January 2025 to sell up or get out of town has sailed through the Senate, the upper chamber of the United States legislature, and looks set to become law, with far-reaching implications.

The landslide vote, split 79 to 18, followed an equally thumping majority in the House of Representatives at the weekend, where the bill was passed after being folded into a wider $95bn package of American aid for Israel, Taiwan and Ukraine, after a previous attempt to push it through stalled. It now heads to the desk of president Biden, who has indicated he means to sign it.

At its core, the law gives ByteDance less than 12 months to sell TikTok to a US-based entity or face being removed from both the Apple App Store and Google Play Store for good. Both Apple and Google would face financial penalties for non-compliance.

TikTok has not directly commented on the development, although it has indicated that it intends to challenge it in court. Such arguments would likely hinge on how a court interprets the First Amendment of the US Constitution, which protects the right to freedom of speech and prevents Congress from passing laws prohibiting it.

The bill’s passage comes amid a growing freeze in relations between China and the US, and long-held concerns that China’s national security laws appear to give it the right to force ByteDance to give it access to any and all data TikTok holds, something ByteDance has always strenuously denied.

Speaking ahead of the vote, senator Mark Warner, who chairs the Senate Intelligence Committee, said it was “not hard to imagine” how such a widely used platform could be manipulated by the Chinese state, and while he said he respected the views of TikTok users – 170 million Americans would be impacted – he pointed out that they had not been present for the classified briefings in which politicians were able to delve more deeply into the potential threats posed by Chinese control of TikTok.

“I want to make clear to all Americans, this is not an effort to take your voice away,” said Warner in widely reported remarks. “Many Americans, particularly young Americans, are rightfully skeptical...But what they have seen, beyond even this bill, is Congress’ failure to enact meaningful consumer protections on big tech, and may cynically view this as a diversion, or worse, a concession to US social media platforms,” he said.

“To those young Americans, I want to say we hear your concern. And we hope that TikTok will continue under new ownership, American or otherwise.”

Jake Moore, global cyber security advisor at ESET, commented: “TikTok data collection is very similar to other social media platforms such as Facebook or Instagram, but the problem with TikTok is not the amount of data collected but who they are potentially sharing it with.

“If Biden signs the bill into law, the chance of it being sold to the US is rather slim, but ByteDance are unlikely to back down without a fight. Even pushing the app underground behind VPN software is a more likely outcome – similar to how some Western apps are accessed in China.”

Significant contribution

As previously reported, a full ban on TikTok in the US would ripple across the wider media landscape, potentially driving users to other platforms that have tried to ride the short-form video wave, particularly Meta’s Instagram, which has been accused of essentially copying TikTok in many regards.

However, it may also disconnect millions of users from one another and damage people’s ability to communicate worldwide, as well as disrupt many small businesses that rely on the platform to market themselves.

A recent report produced by Oxford Economics found TikTok drove $15bn of revenue for SMEs in the US alone in 2023, supported an overall contribution of $24.2bn to the country’s gross domestic product (GDP), $5.3bn of tax revenues, and 224,000 jobs.

Lessons for cyber pros

BlackBerry Cybersecurity vice-president for the UK, Ireland and emerging markets, Keiron Holyome, said that in light of the latest developments there was a clear a signal for end-users and security pros alike to consider the risk of using unsecured applications and personal devices for purposes.

“Regardless of whether it’s TikTok or any other of the multitude of unsecured apps, it pays to be prepared and protected,” said Holyome. “Mobile devices continue to be the weakest point of entry for attackers, and the well-documented data vulnerabilities of ‘recreational’ applications like TikTok create a further security challenge. This is especially true for the many organisations that operate BYOD policies – and moves to restrict personal apps on work devices also puts this popular scheme at risk.

“Our research last August found that 75% of tech decision-makers in the UK had implemented or were considering a ban on recreational apps across BYO and/or corporate devices. Some 83% said politics were influencing attitudes in favour of bans – which suggests moves by the US, as well as the UK, are going to persuade more companies to review their policies in this area.

“If you’re not managing your corporate applications effectively, then it’s not only the personal data that’s potentially at risk, but corporate client sensitive data as well. But carrying out a ban such as this can be challenging because before you can remove or disable an app, you have to know whether it is present in the first place.”

He added: “Robust unified endpoint management [UEM] tools let companies continuously monitor which applications are present and help enforce vital security controls to prevent users from downloading applications without explicit permission … but also without compromising personal privacy and choice of recreational applications used outside of work purposes.”

Read more about TikTok

Read more on Web application security